Authentication Solution #98
Comments
|
oh, thanks so much, you help me alot. 1000 like :) |
|
Made a note of this in my blogpost: https://raccoon.onyxbits.de/blog/bad-authentication-google-account-blocked/ Though I'm still looking for a better way. My current working theory is that Google partially rolled out an account manager update (A/B testing) that either dropped support for Jelly Bean (Raccoon mimics the JB TLS stack) or factors in something from the environment ("what else came from that IP address?") that results in blocked login attempts. |
|
this kind of solution seems pretty unstable. |
|
Looks like google has fixed it. Is there any other way? plz. |
yup, create app password not work anymore. |
|
Any news about this? App passwords stopped working for me as well. |
|
I really need Raccoon to work again. If you need to donate please tell me. I will help you somewhat. |
|
What still works in general is to use a real/virtual rooted device, and sniff the network traffic while adding the Google account (requires to use an anti-TLS-pining tool). From the sniffed network traffic you can extract the used authentication token for Play Store. Afterwards activate Air plane mode and perform a factory reset. The extracted token can then be used instead of username/password. Unfortunately Raccoon does currently not allow to directly enter the token instead of username/password. |
Any update? |
Hi |
|
@babyquin I use a Magisk rooted device and installed the add-ons "Riru" + "Riru EdXposed". In EdXposed I use the addon TrustMeAlready to disable certificate pinning. For intercepting the network data a proxy like mitmproxy, Fiddler, Charles is suitable. Check for requests to Another way is to use the The Bearer token format is not yet supported by Raccoon. Real Android devices no only use this new token format. I only have made some tests using this new format to verify that it works at all, but I don't have much experience with it. Especially I don't know how long such tokens remain valid (old token format as well as the new bearer token format). based on my experiments the bearer token seems to be more a short-term token. |
|
@jpstotz is there any way to get in contact with you? |
|
@GRodrig I have an e-mail account on |
|
@jpstotz Email sent, ty |
|
Please try the latest (v4.19.0) version. It might solve the problem. |
Hi, thanks for update. Can you update download link for windows version, it's not working. Link for linux version is ok. ah, please update DummyDroid too, Can't login with old version (2.2) Thanks much |
|
v4.19.0 solved the problem for me, thanks. |
|
@babyquin |
|
@onyxbits |
Thank you so much! you are the best 👍 |
|
Let us see how long the version increase to API level 17 (Android 4.2) will work. After disabling Google services for pre 4.x devices Google seems to prepare the next step, now focusing on devices up to Android 4.3: https://www.androidauthority.com/android-jelly-bean-eol-1641403 |
|
Do I need to generate new profile to make it work with 4.19.0? I tried logging in with older profile and still get same error: raccoon -Draccoon.playprofile=d***r --gp-auth
org.apache.http.client.ClientProtocolException: BadAuthentication
at com.akdeniz.googleplaycrawler.Identity.doPost(Identity.java:192)
at com.akdeniz.googleplaycrawler.Identity.signIn(Identity.java:153)
at com.akdeniz.googleplaycrawler.GooglePlayAPI.login(GooglePlayAPI.java:319)
at de.onyxbits.raccoon.cli.Play.auth(Play.java:371)
at de.onyxbits.raccoon.cli.Router.main(Router.java:137)
at de.onyxbits.raccoon.Main.main(Main.java:59) |
|
@onyxbits will you post the v4.19 release to Github, too? Thanks! |
|
It is on website & github long ago… still does not work for me |
|
v4.19.0 is available on the website as .jar and .exe files (https://raccoon.onyxbits.de/apk-downloader/), but the most current version on Github is still v4.18.0 (https://github.com/onyxbits/raccoon4/releases). |
|
Forgot to push the tags. Fixed Thanks. |
I was having the same authentication issues as everyone has been reporting recently, but I solved them by enabling 2FA on my Google account and creating an app password for Raccoon. I think they view signing in from a strange application as less suspicious with a dedicated app password than with your normal password. You might consider updating the documentation to suggest this process if other people can replicate my results.
The text was updated successfully, but these errors were encountered: